Is A Ransom In Your Mac’s Future?

One of the sad effects of modern news, which runs 24 hours a day, seven days a week, is the tendency to focus on news that is easy to get to, sensationalistic, and often inflammatory.

The election cycle in the US is a good example. It’s far more theater and entertainment than it is serious news, but the contenders have learned how to make their noise rise above the day’s news noise. That conflation means we miss some important news that gets buried. Here’s an example.

Pay Up. Or, Else

You can be forgiven if you haven’t heard the latest bad news to hit the technology industry. No, it’s not the FBI trying to hack into your iPhone. It’s a thing called ransomware. It’s a thing. And it’s dangerous.

Ransomware:

A type of malware that restricts access to the infected computer system in some way, and demands that the user pay a ransom to the malware operators to remove the restriction. Some forms of ransomware systematically encrypt files on the system’s hard drive, which become difficult or impossible to decrypt without paying the ransom for the encryption key, while some may simply lock the system and display messages intended to coax the user into paying. Ransomware typically propagates as a trojan, whose payload is disguised as a seemingly legitimate file.

Ransomware is on the rise, a growing threat to companies and their IT systems, as well as software vendors with applications that are notoriously, uh, well, easy to hack. Reuters on Adobe’s Flash.

The software maker urged the more than 1 billion users of Flash on Windows, Mac, Chrome and Linux computers to update the product as quickly as possible after security researchers said the bug was being exploited in “drive-by” attacks that infect computers with ransomware when tainted websites are visited.

Uh oh. Macs are on that list. In the case of the Flash ransomware the malware encrypts data, locks up an infected computer, then demands a payment (which ranges from $200 to $600 for each infected device).

Those threats are real and growing in number, but that also means phishing attempts are growing in number, too. Think of it as ransomware that knows your email address. BBC News:

It’s incredibly fast and by the time the warning message had appeared on the screen it had already encrypted everything of value on the hard drive – it happens in seconds

Part of the problem is that today’s computer systems, whether the Mac or PC you use each day or the so-called hardened systems run by large corporations, banks, or other agencies, are extremely complicated; complex to a fault, and all those layers of complexity breed opportunities for malware to take root and spread.

Last week, 10 Maryland hospitals made the news when they came under attack from the so-called Samsam crypto-ransomware.

Analysis of other Samsam attacks shows that the most likely cause of the attack on MedStar is an improperly installed JBoss server. The installation appears to have used the default settings that left access to the server’s management interface open to the Internet. That sort of misconfiguration is what the JexBoss tool used by the Samsam ransomware operators leverages to install a remote command shell.

Complexity breeds vulnerabilities, which attract hackers who exploit them. Ransomware is the new malware that makes money for hackers.

Apple fans used to brag about how their operating system of choice was virus free. Now that Macs are more prominent, so too are viruses. The latest sign that Apple devices have become big enough to target: OS X ransomware found in the wild.

Researchers at security firm Palo Alto Networks first detected the ransomware, dubbed KeRanger, on March 4. The malicious software was found in a corrupted download for popular Mac BitTorrent client Transmission.

That one was fixed quickly and affected only a limited portion of the Mac user base, but it’s the first of many such attacks that will come in the future. What can you do?

First, keep your Mac updated with Apple’s latest versions. Second, beware of which websites you visit, and which files you download. A few clicks on the wrong website URL or a free app to download can cause plenty of misery and make you the news.

About Jeffrey Mincey

As a Mac, Windows, and Linux system administrator in Atlanta, Georgia, I've used Macs for almost 30 years (mostly late at night). Read more of my articles here. Check out my Mac tips, tricks, and app reviews at Bohemian Boomer.

Comments

Third, take regular, separate backups using a sensible multi-day backup system. That’s essential if you want to recover from a ransomware infection without serious surgery…
